Cloud-native high-performance edge/middle/service proxy
Envoy is hosted by the Cloud Native Computing Foundation (CNCF). If you are a company that wants to help shape the evolution of technologies that are container-packaged, dynamically-scheduled and microservices-oriented, consider joining the CNCF. For details about who's involved and how Envoy plays a role, read the CNCF announcement.
Please see this email thread for information on email list usage.
Contributing to Envoy is fun and modern C++ is a lot less scary than you might think if you don't have prior experience. To get started:
The Envoy team meets twice per month on Tuesday at 9am PT. The public Google calendar is here: https://goo.gl/PkDijT
There has been several third party engagements focused on Envoy security: * In 2018 Cure53 performed a security audit, full report. * In 2021 Ada Logics performed an audit on our fuzzing infrastructure with recommendations for improvements, full report.
If you've found a vulnerability or a potential vulnerability in Envoy please let us know at envoy-security. We'll send a confirmation email to acknowledge your report, and we'll send an additional email when we've identified the issue positively or negatively.
For further details please see our complete security release process.